我在IIS8上部署了一个ASP .NET Web应用程序,启用了表单身份验证和匿名身份验证。当我通过登录页面提供凭证后从Intranet访问网站时,它运行没有任何问题。但是当我作为外部用户登录到Internet的应用程序时,主页和其他页面将加载没有任何问题,但在回发时如选择的索引更改或按钮单击,则网站将抛出403 Forbidden错误如下 “您无权访问此服务器上的page.aspx”
我在IE和Chrome中尝试过,都会抛出错误。我甚至试过使用identity impersonate = true但仍然会抛出相同的错误。我让IUSR完全控制文件夹。
我的web.config文件如下所示..
<?xml version="1.0" encoding="utf-8"?>
<!--
For more information on how to configure your ASP.NET application,
please visit
http://go.microsoft.com/fwlink/?LinkId=169433
-->
<configuration>
<configSections>
<!-- For more information on Entity Framework configuration, visit
http://go.microsoft.com/fwlink/?LinkID=237468 -->
<section name="entityFramework"
type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection,
EntityFramework, Version=4.4.0.0, Culture=neutral,
PublicKeyToken=b77a5c561934e089" requirePermission="false" />
<section name="nlog" type="NLog.Config.ConfigSectionHandler, NLog" />
</configSections>
<connectionStrings>
<add name="Test"
connectionString="metadata=res://*/Models.xxx_DB.csdl|res://
*/Models.xxx_DB.ssdl|res://*/Models.xxx_DB.msl;provider=
System.Data.SqlClient;provider connection string="data
source=xxxxxxx\xxx;initial catalog=Test;integrated
security=True;pooling=False;multipleactiveresultsets=True;application
name=EntityFramework"" providerName="System.Data.EntityClient" />
</connectionStrings>
<system.web>
<httpHandlers>
<add path="Reserved.ReportViewerWebControl.axd" verb="*" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" validate="false" />
</httpHandlers>
<httpModules>
<add name="BypassCache" type="BypassCacheModule, BypassCacheModuleAssembly" />
</httpModules>
<compilation debug="true" targetFramework="4.0">
<assemblies>
<add assembly="Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91" />
<add assembly="Microsoft.ReportViewer.Common, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845DCD8080CC91" />
<add assembly="Microsoft.Build.Framework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
</assemblies>
<buildProviders>
<add extension=".rdlc" type="Microsoft.Reporting.RdlBuildProvider, Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91" />
</buildProviders>
</compilation>
<authentication mode="Forms">
<forms cookieless="UseDeviceProfile" defaultUrl="~/Start.aspx" enableCrossAppRedirects="true" loginUrl="~/Login.aspx" name=".ASPXAUTH" path="/" protection="All" requireSSL="false" slidingExpiration="true" timeout="10080"/>
</authentication>
<authorization>
<deny users="?" />
</authorization>
<profile defaultProvider="DefaultProfileProvider">
<providers>
<add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</profile>
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
<roleManager defaultProvider="DefaultRoleProvider">
<providers>
<add name="DefaultRoleProvider" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</roleManager>
<!--
If you are deploying to a cloud environment that has multiple web server instances,
you should change session state mode from "InProc" to "Custom". In addition,
change the connection string named "DefaultConnection" to connect to an instance
of SQL Server (including SQL Azure and SQL Compact) instead of to SQL Server Express.
-->
<sessionState mode="InProc" customProvider="DefaultSessionProvider">
<providers>
<add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" />
</providers>
</sessionState>
<pages>
<controls>
<add tagPrefix="asp" assembly="AjaxControlToolkit" namespace="AjaxControlToolkit" />
</pages>
<httpRuntime requestValidationMode="2.0" shutdownTimeout="120" />
</system.web>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true" />
<defaultDocument>
<files>
<add value="Start.aspx" />
</files>
</defaultDocument>
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<add name="ReportViewerWebControlHandler" preCondition="integratedMode"
verb="*" path="Reserved.ReportViewerWebControl.axd"
type="Microsoft.Reporting.WebForms.HttpHandler,
Microsoft.ReportViewer.WebForms, Version=11.0.0.0, Culture=neutral,
PublicKeyToken=89845dcd8080cc91" />
</handlers>
</system.webServer>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="DotNetOpenAuth.Core" publicKeyToken="2780ccd10d57b246" />
<bindingRedirect oldVersion="1.0.0.0-4.0.0.0" newVersion="4.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="DotNetOpenAuth.AspNet" publicKeyToken="2780ccd10d57b246" />
<bindingRedirect oldVersion="0.0.0.0-4.1.0.0" newVersion="4.1.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.WindowsAzure.Storage" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-2.1.0.4" newVersion="2.1.0.4" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="HtmlAgilityPack" publicKeyToken="bd319b19eaf3b43a" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-1.4.6.0" newVersion="1.4.6.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<entityFramework>
<defaultConnectionFactory
type="System.Data.Entity.Infrastructure.LocalDbConnectionFactory,
EntityFramework">
<parameters>
<parameter value="v11.0" />
</parameters>
</defaultConnectionFactory>
</entityFramework>
<nlog xmlns="http://www.nlog-project.org/schemas/NLog.xsd"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<targets>
<target name="file" xsi:type="File" fileName="${basedir}/Logs/
${shortdate}.log" layout="${date}:${callsite}: ${level}: ${message}" />
</targets>
<rules>
<logger name="*" minlevel="Info" writeTo="file" />
</rules>
</nlog>
页面的HTML标记如下
<asp:Content ID="Content2" ContentPlaceHolderID="ContentPlaceHolder1" runat="server">
<asp:ToolkitScriptManager ID="ToolkitScriptManager1" runat="server" EnableScriptLocalization ="true" EnableScriptGlobalization="true">
</asp:ToolkitScriptManager>
<br />
<table class="auto-style1">
<tr>
<td class="col-style11"> </td>
<td>
<asp:TabContainer ID="TabContainer" runat="server" BorderStyle="None">
<asp:TabPanel ID ="TabPanel_xx" runat="server" HeaderText="xxxxx" BorderStyle="None" Font-Size="Medium">
<ContentTemplate>
<table class="auto-style1">
<tr>
<td colspan="3">
<asp:Label ID="Lbl_Heading" runat="server" Text="xxxxxx." Font-Bold="True" Font-Size="Medium" Font-Names="Arial"></asp:Label>
</td>
</tr>
<tr>
<td class="col-style1">
<asp:Label ID="Lbl_xxxx" runat="server" Text="xxxxx" Font-Size="Medium" Font-Names="Arial"></asp:Label>
</td>
<td class="col-style2">
<asp:DropDownList ID="Dl_xxxx" runat="server" width="50%" style="text-align:right" AutoPostBack="true"></asp:DropDownList>
</td>
<td class="col-style3">
</td>
</tr>
<tr>
<td class="col-style1" style="height:15px"></td>
<td class="col-style2" style="height:15px"></td>
<td class="col-style3" style="height:15px"></td>
</tr>
</table>
<br />
<table class="auto-style1">
<tr>
<td>
<asp:FormView ID="FV_xxxx" runat="server" DataSourceID="xxxx" DataKeyNames="xx_Id" Width="53%" Font-Names="Arial">
<ItemTemplate>
<hr />
<h4>Project Name: <%# Eval("xx_Name") %></h4>
<table class="auto-style1" >
<tr>
<td class="form-style1">xxxxx :</td>
<td class="form-style2">
<asp:Label ID="LBl_xx" runat="server" Text='<%# Bind("xxxxxx") %>'>
</asp:Label>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1">xxxxxx:</td>
<td class="form-style2">
<asp:Label ID="Lbl_xxx" runat="server" Text='<%# Bind("xxxxxxxx") %>'>
</asp:Label>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1">xxxxx :</td>
<td class="form-style2">
<asp:Label ID="Lbl_xxxx" runat="server" Text='<%# Bind("xxxxxxx") %>'>
</asp:Label>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1">xxxxx :</td>
<td class="form-style2">
<asp:Label ID="Lbl_xxxx" runat="server" Text='<%# Bind("xxxxxxx") %>'>
</asp:Label>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1">xxxxxx :</td>
<td class="form-style2">
<asp:Label ID="Lbl_xxxx" runat="server" Text='<%# Bind("xxxxxx") %>'>
</asp:Label>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1">xxxxx :</td>
<td class="form-style2">
<asp:Label ID="xxxxx" runat="server" Text='<%# Bind("xxxxxx") %>'>
</asp:Label>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1">xxxxx :</td>
<td class="form-style2">
<asp:Label ID="xxxxx" runat="server" Text='<%# Bind("xxxx") %>'>
</asp:Label>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1"></td>
<td class="form-style2">
<asp:LinkButton ID="EditButton" runat="server" Text="Edit" CommandName="Edit">Edit</asp:LinkButton>
</td>
</tr>
</table>
</ItemTemplate>
<EditItemTemplate>
<hr />
<h4>xxxx: <%# Eval("xxxxx") %></h4>
<table class="auto-style1" >
<tr>
<td class="form-style1">xxxxx :</td>
<td class="form-style2">
<asp:TextBox ID="xxxx" runat="server" Text='<%# Bind("xxxxx") %>' ></asp:TextBox>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1">xxxxx :</td>
<td class="form-style2">
<asp:TextBox ID="xxxx" runat="server" Text='<%# Bind("xxxxx") %>' ></asp:TextBox>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1">xxxxx:</td>
<td class="form-style2">
<asp:TextBox ID="xxxx" runat="server" Text='<%# Bind("xxxxx") %>' ></asp:TextBox>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1">xxxxx :</td>
<td class="form-style2">
<asp:TextBox ID="xxxxx" runat="server" Text='<%# Bind("xxxxxx") %>' ></asp:TextBox>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1">xxxxx :</td>
<td class="form-style2">
<asp:TextBox ID="xxx" runat="server" Text='<%# Bind("xxxxxx") %>' ></asp:TextBox>
</td>
</tr>
<tr><td></td></tr>
<tr>
<td class="form-style1"></td>
<td class="form-style2">
<asp:LinkButton ID="LinkButton1" runat="server" CausesValidation="True" CommandName="Update" Text="Update"/>
<asp:LinkButton ID="LinkButton2" runat="server" CausesValidation="False" CommandName="Cancel" Text="Cancel" />
</td>
</tr>
</table>
</EditItemTemplate>
</asp:FormView>
<asp:EntityDataSource ID="xxxxx" runat="server" ConnectionString="name=Test" DefaultContainerName="Test"
EnableFlattening="False" EnableUpdate="True" EntitySetName="xxxxx" Where="it.xxx_Id == @xx_Id">
<WhereParameters>
<asp:ControlParameter ControlID="Dl_xxx" Name="xx_Id" PropertyName="SelectedValue" Type="Int32" />
</WhereParameters>
</asp:EntityDataSource>
</td>
</tr>
</table>
</ContentTemplate>
</asp:TabPanel>
Formview应根据下拉列表中的选定值加载内容。 此页面加载时没有任何错误,Formview显示Dropdownlist中第一个元素的详细信息但是当我从Dropdownlist中选择一个新值时,会得到以下http错误403 Forbidden Error
我的问题类似于 Forbidden error on postback 这里提到的更改是否仍然面临同样的错误。
仅在某些页面中我遇到此问题,而其他页面在发生任何问题时都会回发甚至写入数据库。
